Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1769

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1769
Last Modified 05 Sep 2008 04:31:28
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1769

Summary

Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.

Vulnerable Systems

Application

  • Microsoft Site Server 3.0

  • Microsoft Site Server Commerce 3.0


References

XF - siteserver-ldap-anonymous-account(8048)

BID - 3998

MSKB - Q248840

MISC - http://online.securityfocus.com/advisories/3843

VULNWATCH - 20020129 RFP2201: MS Site Server Evilness


Last Updated: 27 May 2016 10:37:28